by guru | Mar 22, 2023 | Blueteam
Becoming a Junior Penetration Tester is a dream come true for many who are passionate about cybersecurity. However, getting there isn’t always easy. One of the most crucial parts of the journey is the interview process. In this post, we’ll go through everything you...
by guru | Feb 25, 2022 | Redteam
PowerView (github.com/PowerShellMafia/PowerSploit) is an offensive PowerShell script that allows you to perform a variety of tasks against an internal domain, including recon, privilege escalation, persistance, and exfiltration. What you may not already know though is...
by guru | Nov 16, 2021 | Pass The OSCP, Vulnhub
This is the HackMyVM Keys Walkthrough. Web Enumeration The webserver is hiding interesting files, it took a few different lists from seclists to find something good. What we do find is a file readme.php and that means we can investigate further. gobuster dir -r -u...
by guru | Oct 31, 2021 | Pass The OSCP, Vulnhub
Preparing for the OSCP exam means you need to know the basics, but you also need the experience. There is perhaps no better way to test how prepared you are for the exam than by hacking web apps. In this walkthrough, we will cover one important skill to master, SQL...
by guru | Sep 11, 2021 | Pass The OSCP, Vulnhub
This is the Hacker Kid Vulnhub walkthrough. Here’s what you will learn from this walkthrough. One thing you will learn is how to do binary analysis for Linux privilege escalation, but that is all I will give away. This is an excellent OSCP like box you can use...
by The Ethical Hacking Guru | Aug 14, 2021 | Vulnhub
This is the Billi Box 2 Vulnhub walkthrough. Here’s what you will learn from this walkthrough. One thing you will learn is how to do binary analysis for Linux privilege escalation, but that is all I will give away. This is an excellent OSCP like box you can use...
by The Ethical Hacking Guru | Aug 1, 2021 | Vulnhub
Exploiting vulnerable machines in a legal and safe environment is the only way to become an experienced ethical hacker. That is what this site is dedicated to, and so I present to you the HMS 1 vulnhub walkthrough, another of the vulnhub series here on the site. HMS 1...
by The Ethical Hacking Guru | Jul 28, 2021 | Redteam
Penetration testing is one of the most emerging and promising fields in the IT sector. Penetration testers are ethical hackers. These “good” hackers are usually hired by system software owners or web-based application companies. The pen testers check the vulnerability...
by The Ethical Hacking Guru | Jul 28, 2021 | Exploit Development, Redteam
In this tutorial, you will learn how to write a reverse shell in Nim to bypass antivirus detection. What Is Nim? Nim is a scripting language similar to Python in syntax, but close to Golang in that it requires statically typed variables and it compiles its programs....
by The Ethical Hacking Guru | Jul 5, 2021 | Vulnhub
This is a walkthrough for the VulnCMS:1 vulnhub machine. If you are looking for OSCP-like vulnhub boxes to practice with then look no further. Really if you want to prepare for the OSCP then you should consider subscribing to the Ethical Hacking Guru Academy. Want to...
by The Ethical Hacking Guru | Apr 17, 2021 | Uncategorized
You can use a free online resource to crack hashes with hashcat, without having to break the bank for an overpriced graphics card these days. It’s called Colabcat and using colabcat is a free easy way to crack passwords online. If you are a complete beginner to...
by The Ethical Hacking Guru | Mar 5, 2021 | C#, ConfuserEx, Redteam
In this tutorial, I cover how to use ConfuserEx and neo-ConfuserEx to bypass antivirus. It’s worth mentioning that ConfuserEx only obfuscates .NET assemblies (compiled C# programs). I will use ConfuserEx to obfuscate a compiled version of the SafetyKatz project....
by The Ethical Hacking Guru | Mar 4, 2021 | C#, Go
I played around with using csc /out:outfile.exe program.cs but the thing is you can use an executable or a DLL just the same using the Assembly.Load() method which comes with the System.Inflection namespace. This method does the following – Loads an assembly....
by The Ethical Hacking Guru | Feb 20, 2021 | Go, Redteam
Go can be used by ethical hackers to run shellcode generated by Metasploit. That means you can use msfvenom to create shellcode that can be used by a go program to execute it. For this tutorial, I am using this project go-shellcode by brimstone on Github. First make...
by The Ethical Hacking Guru | Feb 20, 2021 | Go, Redteam
Go is a popular tool for offensive programming these days. The antivirus vendors are still catching up to it since it is still a niche tool for ethical hacking purposes. In this tutorial you will learn how to write a Go program to open a new Notepad process. You will...
by The Ethical Hacking Guru | Feb 14, 2021 | Redteam
Network File System (NFS) shares are the Linux version of Windows SMB shares. These are used for Unix-based machines to share files with each other. Mounting an NFS share allows the remote client to view the files as if they were viewing them locally on the same...
by The Ethical Hacking Guru | Feb 13, 2021 | Go
An application should be easy to use. You’ve heard it before, about the legacy app that was migrated, and now the guy who managed it is no longer around. No one knows how it works. This is how I use Cobra for easy Golang cli flags for all my apps that need it....
by The Ethical Hacking Guru | Feb 10, 2021 | Crackmapexec, Redteam
By default wdigest is disabled on Windows 10, but not removed. You can enable it with a registry change. This is a short and sweet tutorial on how to dump Windows passwords by exploiting wdigest in a wdigest downgrade attack. I demonstrate how to exploit the...
by The Ethical Hacking Guru | Jan 9, 2021 | Blueteam, Redteam
Like Kerberoasting, ASREPRoasting is an attack that ends with offline cracking of an encrypted password hash for an account in an Active Directory domain. All it takes is an account with DONT_REQ_PREAUTH enabled. From Microsoft, the definition of this setting:...
by The Ethical Hacking Guru | Jan 9, 2021 | Blueteam, Redteam
The recent news about the SolarWinds hack that involves dozens of government agencies has brought new attention to attack against service accounts through Kerberos manipulation, known as Kerberoasting. Although this is not the only serious attack method against...
by The Ethical Hacking Guru | Jan 1, 2021 | Redteam
Sometimes to perform Windows Privilege Escalation you need to simply exploit the installed software. This is a common scenario for ethical hacking challenges. This tutorial will show you how to exploit remote connection managers, such as mRemoteNG. One of those...
by The Ethical Hacking Guru | Dec 9, 2020 | Become An Ethical Hacker, Redteam, SQLMap
While using SQLMap is not allowed on the OSCP exam, it is an ethical hacking standard and you should be very familiar with it. It is commonly used in interviews for junior penetration tester questions to weed out the wannabees. Enjoy this tutorial, how to use SQLMap...
by The Ethical Hacking Guru | Dec 1, 2020 | Become An Ethical Hacker, PowerShell Empire, Redteam
BC-Security now maintains a fork of the original, its new project is PowerShell Empire 3.0. In the online ethical hacking course Become An Ethical Hacker you will learn how to use PowerShell Empire 3.0 for Windows privilege escalation, and network penetration testing....
by The Ethical Hacking Guru | Nov 26, 2020 | Become An Ethical Hacker, Evil Winrm, Redteam
Windows has a feature named Windows remote management, otherwise known as WinRM. It uses the WS-Management protocol to allow administrators to run scripts remotely. For the ethical hacking lab we will enable this feature on the Windows 2019 server. I show you how to...
by The Ethical Hacking Guru | Nov 14, 2020 | Redteam
by The Ethical Hacking Guru | Nov 7, 2020 | Redteam
Any ethical hacker at one point comes across the Groups.xml file, a distant artifact of a less secure time in Windows history. They still exist out in the wild of course, but it is part of the essential ethical hacking education. In terms of what should you ask your...
by The Ethical Hacking Guru | Oct 31, 2020 | Metasploitable 2
Metasploitable 2 doesn’t come with the shellshock vulnerabillity. But that doesn’t mean we can’t put one there. This tutorial will show you how to exploit shellshock on Metasploitable 2 by Rapid7. What Is The Shellshock Vulnerability? Vulnerable...
by The Ethical Hacking Guru | Sep 12, 2020 | Vulnhub
In this vulnhub walkthrough you will learn how to complete the DMV:1 challenge. I have not figured out the significance of the name yet. There is usually a relation to the name of the box and something in or about the box. DMV: 1 Vulnhub WalkthroughMACHINE...
by The Ethical Hacking Guru | Sep 11, 2020 | Metasploit
Nothing is more annoying than not being able to add new exploits to Metasploit. So to help out I made this how to add exploits to Metasploit tutorial which is updated for msf5. There are many times where the ethical hacker needs to import an external exploit from a...
by The Ethical Hacking Guru | Sep 6, 2020 | Redteam, Vulnhub
So Simple: 1 Vulnhub WalkthroughMACHINE NAME: So Simple: 1AUTHOR: https://www.vulnhub.com/author/roel,713/DIFFICULTY: easy So Simple: 1 Vulnhub Walkthrough Here is the description from vulnhub.com This is an easy level VM with some rabbitholes. Enumeration is key to...
by The Ethical Hacking Guru | May 18, 2020 | Redteam, Vulnhub
I can’t stand when there isn’t a vulnhub walkthrough without Metasploit! So I made this vulnuni:1 vulnhub walkthrough without Metasploit for that reason. The vulnhub vulnuni machine is a vulnerable Linux machine that is good for learning Linux privilege...
by The Ethical Hacking Guru | Feb 8, 2020 | Redteam, Vulnhub
Abusing the Tomcat Manager login is done through vulnerabilities or by guessing or brute forcing the credentials, but there is yet another way. The Apache Axis2 web service has an LFI vulnerability that can be exploited to show hidden credentials in configuration...
by The Ethical Hacking Guru | Feb 1, 2020 | Redteam, Vulnhub
This is the Cynix 1 vulnhub walkthrough for the Cynix 1 vulnerable Linux box found on vulnhub.com, enjoy. You will need Burp Suite Community Edition, I laid out in another post how to setup Burp and FoxyProxy to make the Burp setup process so much easier. Burp Suite...
by The Ethical Hacking Guru | Jan 28, 2020 | Redteam, Vulnhub
This is the Five86:1 Vulnhub tutorial. What is my take on the box? It is a first of a series which is great, because you get to see the individual take of the author on hacking boxes. The box is a great Linux privilege escalation drill and a very realistic scenario...
by The Ethical Hacking Guru | Jan 27, 2020 | Pass The OSCP, Redteam, Vulnhub
Vulnhub is a site that hosts vulnerable machines to help security practictioners hone their offensive security skills. This is the five86 2 Vulnhub walkthrough. It is a hard box and I highly recommend doing it, however if you have not yet done the first one do it now...
by The Ethical Hacking Guru | Jan 26, 2020 | Hashcat, Redteam
There are hashcat tutorial guides and walkthroughs but actually good ones that are curated to provide a complete and practical use by ethical hackers are few and far between. As an Amazon Associate I earn from qualifying purchases. In this hashcat tutorial I am going...
by The Ethical Hacking Guru | Jan 17, 2020 | Elm, Programming
Elm is a functional programming language. It compiles to javascript. It promises a couple things that you won’t find with javascript such as no runtime errors, helpful error messages, and reliable refactoring. We will make an Elm app based on the same structure...
by The Ethical Hacking Guru | Jan 16, 2020 | Redteam
Spraykatz is the evolution of pentesting activities specifically used during the initial internal enumeration phase. Capturing credentials using a technique like LLMNR/NETBIOS spoofing is great, but what happens when you need to dump passwords on machines in a...
by The Ethical Hacking Guru | Jan 15, 2020 | Redteam, Vulnhub
I have some terrible news, this will be my last DC vulnhub tutorial so read on and let’s get started on the DC:9 Vulnhub tutorial. The author (@DC9) made an announcement that the 9th iteration of his DC vulnub series would be his last. Here’s What You Need...
by The Ethical Hacking Guru | Jan 14, 2020 | Redteam
In this Covenant C2 tutorial you will need an Active Directory environment see how to create one quickly here. Covenant is the new command and control framework for red team and pentesting engagements. PowerShell Empire is dead and honestly Covenant is already 10x the...
by The Ethical Hacking Guru | Nov 13, 2019 | Redteam, Vulnhub
This vulnhub Goldeneye walkthrough will show you every step in detail on how to get root level access and capture the final flag step by step. If you would rather setup your own free pentesting labs see my post on how to do so. Here’s What You Need Kali Linux...
by The Ethical Hacking Guru | Sep 26, 2019 | Exploit Development, Redteam
This is the Automate Buffer Overflow Exploitation with Bofhelper post in which I demonstrate the use of this incredible ethical hacking tool. Buffer overflows take time, too much time. Not just that, they also are difficult. Finding which characters have to be...
by guru | Aug 11, 2019 | Redteam, Vulnhub
There are moments that are satisfying in that they validate the reason for doing this site. The Troll 1 Vulnhub Walkthrough is one of those. Nearly all of the other tutorials on various sites with names like hack3rbl0g.io, etc leave out critical details that leave you...
by guru | Jul 19, 2019 | Blueteam, Impacket, Redteam, Responder
SMB is a common network protocol for attacks, and therefore it makes sense that Kali Linux comes with SMB exploitation tools installed. Others need to be installed and utilized, these are often conveniently located on Github. One such tool is Responder. Another tool...
by guru | Jul 18, 2019 | Blueteam, Malware Analysis
It happens everyday, something gets downloaded and noone can really be sure of what the thing is. Is it good, is it bad, what is it? In this malware analysis tutorial I showcase all the leading methods for quickly and effectively analyzing a malicious binary. A...
by guru | Jul 13, 2019 | Redteam, Vulnhub
The escalate_linux walkthrough is the vulnhub machine you need to be doing as a beginner ethical hacker to learn Linux privilege escalation. Escalate_Linux level 1 is a vulnhub virtual machine that boasts 12 different ways to reach root access through leveraging a...
by guru | Jul 9, 2019 | Exploit Development, Programming, Python
When I started learning Go I quickly learned about the benefits of concurrent programing. So when I got a grasp of it in Go, I wondered if Python supported the same thing. Surely Python does, give it is so popular and a modern scripting language. The problem I found...
by guru | Jun 26, 2019 | Redteam
I came across a blog post while researching Linux privilege escalation techniques. The tool that the post covered was a mysterious pentesting tool I had never heard of before. This is how to use Satori for easy Linux privilege escalation. I plan on adding future...
by guru | Jun 16, 2019 | Redteam
Today I am writing about the Mr Robot vulnhub walkthrough made available by vulnhub. It is indeed a Mr Robot inspired virtual machine and luckily it is a VirtualBox ova and not a VMWare collection. This vulnerable machine is really something else, something special. I...
by The Ethical Hacking Guru | May 5, 2019 | Exploit Development, Go, Redteam
In this hacking tutorial I cover how to write a reverse shell in go. Why learn go? Go is compiled so it’s extremely fast and one of the most modern programming languages there is. Interested in writing a Python reverse http shell? See Learn Python By Writing A...
by The Ethical Hacking Guru | Apr 14, 2019 | Redteam
HackInOS is described as a beginner level CTF-style vulnerable machine. This one is particularly challenging because there are multiple subnets involved. That means the vulnerable machine is also the host of a local subnet I find later, the range is 172.18.0.0/24....
by The Ethical Hacking Guru | Apr 14, 2019 | Redteam
Want to practice the skills necessary for developing practical ethical hacking experience? Then read on. That is leveraging Kali Linux against a test virtual machine for one purpose, to go from user to root. Even more so, the goal is to not take the easy way out....
by The Ethical Hacking Guru | Apr 4, 2019 | Redteam
Active Directory BloodHound Walkthrough – A Windows Active Directory forest can get frankly enormous and in the world of AD security, it can hard to tell the trees from the forest (pun). Luckily for both pentesting professionals and for security responders...
by The Ethical Hacking Guru | Mar 2, 2019 | Nessus
Start using Nessus for free in five easy steps or if you are feeling confident about it already and want to purchase an annual subscription. Tenable’s vulnerability scanner, Nessus is a comprehensive vulnerability scanner and is one of the most popular in use...
by The Ethical Hacking Guru | Feb 20, 2019 | AWS, Cloud, Go
In this post I cover how to learn AWS by deploying a Go web app. Overview: Here’s what I’m doing in this post. We are going to setup a new AWS instance in a few easy steps that will be able to host a Go web server. Calling this web server will return a...
by The Ethical Hacking Guru | Aug 29, 2021 | Become An Ethical Hacker
